From 0854ad8b8016d0132741a267492d72cfa0d3bd8e Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 21 Jun 2012 12:32:56 +0200 Subject: check when finished downloading the InRelease file if it has the expected gpg clearsign signature and if not download Release/Release.gpg instead --- apt-pkg/contrib/fileutl.cc | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'apt-pkg/contrib/fileutl.cc') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 1808489d7..7af5f5f5e 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -824,6 +824,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ +// IsPgpClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool IsPgpClearTextSignature(string const &FileName) +{ + static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; + char buffer[sizeof(SIGMSG)]; + FILE* gpg = fopen(FileName.c_str(), "r"); + if (gpg == NULL) + return false; + + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return false; + + return true; +} + + // FileFd::Open - Open a file /*{{{*/ // --------------------------------------------------------------------- /* The most commonly used open mode combinations are given with Mode */ -- cgit v1.2.3 From 1c89c98a56df709b4c4477bbd7b86f4e32cee214 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Jul 2012 15:08:06 +0200 Subject: cherry pick -r1846 from bzr+ssh://bazaar.launchpad.net/~mvo/apt/lp346386/ --- apt-pkg/contrib/fileutl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg/contrib/fileutl.cc') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 20d2a02f5..d63195c7d 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -858,7 +858,7 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) bool IsPgpClearTextSignature(string const &FileName) { static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; - char buffer[sizeof(SIGMSG)]; + char buffer[strlen(SIGMSG)+1]; FILE* gpg = fopen(FileName.c_str(), "r"); if (gpg == NULL) return false; -- cgit v1.2.3 From fe5804fc5010dd8f2e9406187bfc1f6afeb29c5a Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Jul 2012 15:19:09 +0200 Subject: cherry pick -r1847 from bzr+ssh://bazaar.launchpad.net/~mvo/apt/lp346386/ --- apt-pkg/contrib/fileutl.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apt-pkg/contrib/fileutl.cc') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index d63195c7d..960616f33 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -852,10 +852,10 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ -// IsPgpClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ // --------------------------------------------------------------------- /* */ -bool IsPgpClearTextSignature(string const &FileName) +bool StartsWithGPGClearTextSignature(string const &FileName) { static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; char buffer[strlen(SIGMSG)+1]; -- cgit v1.2.3